summaryrefslogtreecommitdiff
path: root/config/filter.d/kerio.conf
diff options
context:
space:
mode:
Diffstat (limited to 'config/filter.d/kerio.conf')
-rw-r--r--config/filter.d/kerio.conf8
1 files changed, 7 insertions, 1 deletions
diff --git a/config/filter.d/kerio.conf b/config/filter.d/kerio.conf
index e0d94753..0fde0927 100644
--- a/config/filter.d/kerio.conf
+++ b/config/filter.d/kerio.conf
@@ -3,9 +3,14 @@
[Definition]
failregex = ^ SMTP Spam attack detected from <HOST>,
- ^ IP address <HOST> found in DNS blacklist \S+, mail from \S+ to \S+$
+ ^ IP address <HOST> found in DNS blacklist
^ Relay attempt from IP address <HOST>
^ Attempt to deliver to unknown recipient \S+, from \S+, IP address <HOST>$
+ ^ Failed SMTP login from <HOST>
+ ^ SMTP: User \S+ doesn't exist. Attempt from IP address <HOST>
+ ^ Client with IP address <HOST> has no reverse DNS entry, connection rejected before SMTP greeting$
+ ^ Administration login into Web Administration from <HOST> failed: IP address not allowed$
+ ^ Message from IP address <HOST>, sender \S+ rejected: sender domain does not exist$
ignoreregex =
@@ -14,5 +19,6 @@ datepattern = ^\[%%d/%%b/%%Y %%H:%%M:%%S\]
# DEV NOTES:
#
# Author: A.P. Lawrence
+# Updated by: M. Bischoff <https://github.com/herrbischoff>
#
# Based off: http://aplawrence.com/Kerio/fail2ban.html
View Lorry Controller Status